Revision as of 18:31, 23 April 2012

rsyslog is an alternative logger to syslog-ng and offers many benefits over syslog-ng. rsyslog is also the default logger for the latest versions of Red Hat Enterprise Linux, as well as many other Linux distributions. Many of rsyslog's benefits over syslog-ng can be found here: [1].

Configuring hostname

Rsyslog uses the glibc routine gethostname() or gethostbyname() to determine the hostname of the local machine. The gethostname() or gethostbyname() routine check the contents of /etc/hosts for the fully qualified domain name (FQDN) if you are not using BIND or NIS.

You can check what the local machine's currently configured FQDN is by running hostname --fqdn. The output of hostname --short will be used by rsyslog when writing log messages.

The /etc/hosts file contains a number of lines that map FQDNs to IP addresses and that map aliases to FQDNs. See the example /etc/hosts file below:

localhost.localdomain is the first item following the IP address, so gethostbyname() function will return localhost.localdomain as the local machine's FQDN. Then /var/log/messages file will use localhost as hostname.

To use somehost as the hostname. Move somehost.localdomain to the first item: